You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Hey, how is everyone? Good I hope, I have this, I just ran Hijack this. Here are the results, I am a tech geek, but I still do not know much about how to read this. This is why I am going to school for it. I have Winfixer-S I think that is what avast says. I have spybot. Ad aware, I thought I was pretty secure, but somehow this little devil slipped through, I stopped the system from starting it's essential process at start up. It ran a program call V.exe. Now I know this is bad, I think this is a back door. It keeps regenerating itself, It has five files I have found. Kler.exe prkc.exe vont.exe relpk.exe and I have not found v.exe but I think it is there. Now Vont and Prkc reside in the C:/ directory when they regen. But Kler and Relpk they reside in the C:/WINDOWS in a folder named sdrive. Now I do not know what this is doing, as far as I know it is just irritating. But I would love a second opinion, I have Combo fix already so just an FYI. Now if someone could help me I would greatly appreciate it

BC AdBot (Login to Remove)

Sorry to double post)) Okay I do not know if this will work but I have found the virus files...They are contained in a self extracting RAR folder in PKRC this explains the regen. It had a programming comment telling it to extract itself into the sdrive folder and make the files, I erased the comment and nothing has happened so far I have also found a batch file that erased itself after install. I modified it to erase the file and folders when it was ran just in case, I think I did the right thing...But still if someone could get back to me I still would like to know...Thanks

Before we start fixing anything you should print out these instructions or copy them to a NotePad file so they will be accessible. Some steps will require you to disconnect from the Internet or use Safe Mode and you will not have access to this page.

Download SDFix and save it to your desktop.Double click SDFix.exe and it will extract the files to %systemdrive%(this is the drive that contains the Windows Directory, typically C:\SDFix). DO NOT use it just yet.

Reboot your computer inSAFE MODE" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup [but before the Windows icon appears] press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Open the SDFix folder and double click RunThis.bat to start the script.

Type Y to begin the cleanup process.

It will remove any Trojan Services or Registry Entries found then prompt you to press any key to Reboot.

Press any Key and it will restart the PC.

When the PC restarts, the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.

Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt.

Finally copy and paste the contents of the results file Report.txt in your next reply along with a new HijackThis log.

I thank you for this, but it is no longer needed...It took a bit so I tried a different antivirus service, It got rid of it, if you think it is still needed do message me and tell me, but I will only do it if I am messaged.